New Alerts for Flowise, Dell, HPE, Expat, WAGO, IBM, and Linux.

Flowise

Flowise contains a vulnerability where a node parses the user-provided input, executing JavaScript code without security validation, to build the MCP server configuration. CVSSv3 score of 10.
More info.

Dell

Dell has published a Critical bulletin for PowerProtect DP Series Appliance.
More info.

HPE

Security vulnerabilities have been identified in HPE Telco Unified Correlation and Automation. Highest CVSSv3 score of 7.5
More info.

Expat

libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing. CVSSv3 score of 7.5
More info.

WAGO

A vulnerability in the Ethernet switch circuit on CC100, Touch Panels 600 and Edge Controller is caused by a PullUp resistor at the reset input, leading to premature activation and undefined operation. CVSSv3 score of 6.5
New hardware is required to fix.
More info.

IBM

IBM has published a Critical bulletin for Business Automation Insights.
More info.

Linux

SUSE has updated the kernel. More info.
Red Hat has updated the kernel, kernel-rt, and kpatch. More info.
Oracle Linux has updated the kernel. More info.

Security Wizardry Cyber Threat Intelligence - The Radar Page


https://radar.securitywizardry.com/

Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/mobile-radar.htm

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts